Oddbean new post about | logout
 I went to their website coinkite.com and it does not say “open source.” 
In 2020 or 2021 I don’t know if it said open source then, but they did publish a manual on how to build your own cold card with firmware and hardware or something similar. (So at one point they didn’t mind giving out everything.) I hope this is correct but I heard someone say that the “passport wallet” took that Cold card diy manual and copied it then started selling their own wallet. So maybe Coinkite took steps to protect people from knowing how to break the Cold card (which I respect and support.) If any of this is incorrect please forgive me. It’s only hearsay. 

In this video I have attached, NVK says just after 7:50 that the cold card “source code fully open verifiable.” Which signals that the code is open for anyone to view, check, and verify, but there might be something that is private and not shared. I would hope this is the secure element that holds your keys, codes, pins and access parameters. Since I “air gap” and don’t plug the cold card into a computer then there is no reason to not trust the secure element for my purposes. (Plus no one is calling them out like they are Pascal the Ledger CEO.) 

This video was made just after Ledger had their tweet debacle that made a lot of people ditch ledger because they were changing. 
1. Not open nor verifiable code.
2. They made an update that could send your private keys over the internet if you approved the send. (Not something I am willing to compromise on. No way no how! Not worth the risk. 

I think this is a must watch video from begging to end. 

https://youtu.be/M3VjQUcyZSY?si=VX20qG7FtGTaHS6_